Logging failed proxy attempts
Alan DeKok
aland at deployingradius.com
Wed Mar 13 16:47:45 UTC 2024
On Mar 12, 2024, at 9:21 AM, Paul Moser via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> I'd like to log failed proxied authentication attempts (missing responses) and some information to identify which remote server did not respond.
>
> I've successfully configured a linelog module and Post-Proxy-Type Fail-Authentication section to log a message when no response is received but am struggling to find any way of including in the log message information that will identify (eg. IP address/port or home server name) the remote server that failed to respond.
>
> I've found the Home-Server-Name attribute in the internal dictionary but when I try to use it in the format string in the linelog module it just expands to an empty string which ever attribute list I reference.
You can use %{home_server:....}. That gets you access to the items from the "home_server" configuration section for this request. i.e. the home server where packets were proxied to.
You can use %{client:...} for clients, in the same way.
Alan DeKok.
More information about the Freeradius-Users
mailing list